Judge gives second AT&T iPad hacker more time to make plea deal
Follows in footsteps of co-defendant, who pleaded guilty last month in return for recommended 12-to-18-month sentence
Computerworld - A federal judge has put the case against a man charged with hacking AT&T's website on hold to allow plea negotiations to continue, court documents show.
On Wednesday, U.S. District Court Jude Susan Wigenton suspended the case against Andrew Auernheimer, who faces a maximum of 10 years in prison if convicted of two felony charges, conspiracy to access a computer without authorization, and fraud in connection with personal information.
"Plea negotiations are currently in progress and both the United States and the defendant desire additional time to finalize a plea agreement, which would render trial of this matter unnecessary," Wigenton wrote in her order, made public Thursday on the U.S. Department of Justice's case database.
Auernheimer and his court-appointed federal public defender have been negotiating a plea agreement for at least the last month.
Auernheimer, who goes by the online nickname of "weev," was a member of Goatse, a loose collection of hackers, authorities have alleged. Along with co-defendant Daniel Spitler, he is accused of stealing approximately 120,000 names and email addresses of iPad 3G owners from AT&T servers in June 2010 using an automated scripting tool.
Among the email addresses eventually made public -- Auernheimer gave information obtained from AT&T to the Gawker website -- were those belonging to New York Mayor Michael Bloomberg, former White House chief-of-staff Rahm Emanuel, and top executives at Dow Jones, The New York Times Co. and Time Warner.
At the time, Auernheimer argued that the hack was "ethical" and "in the public interest" because it revealed a flaw in AT&T's website.
Later he accused AT&T of dishonesty when it downplayed the damage to affected customers.
Auernheimer argued that other hackers armed with an iPad exploit could have used the email addresses in a targeted attack.
"A complete list of iPad 3G customers, which could have been generated from this vulnerability [Goatse uncovered], would have the ideal bit of data for those...with zero-day Safari exploits," Auernheimer claimed in a June 2010 post to the Goatse blog.
But according to the federal indictment against Auernheimer, he and Spitler had discussed exploiting their hack. "This could be like, a future massive phishing operation serious like this is valuable data," Auernheimer allegedly told Spitler in an IRC chat that authorities included in the indictment.
"Well I will say this it would be against the law ... for ME to short the att stock but if you want to do it go nuts," Auernheimer said to Spitler in another chat fragment. "If you short ATT dont let me know about it."
Spitler pleaded guilty last month to similar charges. His plea agreement recommended a 12-to-18-month sentence.
Auernheimer's attorney did not reply to a request for comment.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His e-mail address is email@example.com.
- Blue Shield discloses 18,000 doctors' Social Security numbers
- PF Chang's says breach was 'highly sophisticated criminal operation'
- Breaches exposed 1 in 7 US debit cards in 2013
- New malware program targets banking data
- How to protect yourself against privileged user abuse
- Montana data breach exposes 1.3 million personal records
- Hacker puts 'full redundancy' code-hosting firm out of business
- Six ways to prevent a breach like the one at AT&T
- Target top security officer reporting to CIO seen as a mistake
- P.F. Chang's turns to manual card processing after breach
Read more about Legal in Computerworld's Legal Topic Center.
- 5 eDiscovery Challenges Solved eDiscovery challenges continue to present themselves as data storage becomes more complex and grows the Big Data Era. Read this CommVault Solution Brief...
- Windows® XP Migration: Protect and Secure Critical Data With the end of the Microsoft Windows XP operating system's lifecycle on April 8, 2014, businesses are faced with the decision to migrate...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Cybersecurity for Dummies eBook This book provides an in-depth examination of real-world attacks and APTs, the shortcomings of legacy security solutions, the capabilities of next-generation firewalls, and...
- PST Archiving: What is it and How is it Done? Learn more about what PST data is, the risks relating to it, and how the new PST Archiving feature in the Simpana 10...
- HP DevOps KnowledgeVault This interactive resource focuses on the evolution taking place in the world of software development, specifically the Agile development framework, and the gap... All Legal White Papers | Webcasts
Computerworld has launched its annual search for outstanding IT leaders who align technology with business goals. Nominate a top IT executive for the 2015 Premier 100 IT Leaders awards now through July 18.